ForgeRock releases OpenAM 10.0.0

SAN FRANCISCO, Calif. – April 16, 2012 – ForgeRock is pleased to announce the general availability of OpenAM 10.0.0, one of the key products in the I³ Open Platform. ForgeRock strengthens OpenAM Authentication, Authorization and Federation capabilities by adding OAuth 2.0, Risk Based Authentication and the Open Identity Gateway. In addition, several key enhancements to security, performance, reliability and replication have been implemented.

The OpenAM 10.0.0 release is a major upgrade and it sets the stage for a modern architecture and introduces many new important features, general improvements to the core product, as well as to the agents. A large amount of the code base has been audited and cleaned up, and as a result the overall quality has been improved. Since the initial release of OpenAM more than a thousand bugs, security issues and improvements have been resolved.

OpenAM 10.0.0 is the result of several months of intensive research and development work at ForgeRock combined with input and feedback from the flourishing ForgeRock open source community for OpenAM and our customers. This release significantly strengthens the security and integration capabilities of the standards based I³ Open Platform. It includes improvements in the areas of Federation with SAML 2.0 and OAuth 2.0, application integration, Risk Based Authentication, and key enhancements in security, reliability, performance and the underlying replication architecture.

The release features the following industry-leading capabilities:

  • Open Identity Gateway (OpenIG): A high performance identity proxy that expedites the integration of web applications into an OpenAM Single Sign-On environment without touching the application. Ideal for legacy applications where changes to the security model are contraindicated. OpenIG also extends the SAML 2.0 Service Provider capabilities of the OpenAM offering.
  • Risk Based Authentication: Measure the risk associated with an authentication event and challenge with additional stronger credentials if the need arises. This is now part of the authentication framework and includes capabilities such as geographic location evaluation, time since last login, number of authentication failures check, ip address history check, cookie associated with a device check and attribute profile check, among others.
  • OAuth 2.0 authentication: Users can now federate their accounts from Google, Facebook, MSN, and any OAuth 2.0 provider with OpenAM.
  • SAML 2.0 Identity Provider enhanced capabilities that ease the interaction with end-users for several tasks such as approval of attribute release to service providers. This is implemented as an additional hook into the SAML 2.0 framework.
  • ForgeRock’s OpenDJ is now the embedded configuration store.

OpenAM comprises in one single product the features and capabilities usually found in several products. The latest version can be obtained from the OpenAM community downloads area.